Documentation
Index ¶
- type CachingVerifyStrategy
- type FallbackVerifyStrategy
- type LocalStrategyOption
- type LocalVerifyStrategy
- type RemoteVerifyStrategy
- type StrategySelector
- type TokenClaims
- type TokenVerifier
- type TokenVerifierOption
- type VerifyMetadata
- type VerifyOptions
- type VerifyResult
- type VerifyResultCache
- type VerifyStrategy
- type VerifyTokenClient
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CachingVerifyStrategy ¶
type CachingVerifyStrategy struct {
// contains filtered or unexported fields
}
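CachingVerifyStrategy 是缓存验证结果的策略。从构造函数参数可见,它包装一个 delegate 策略,并配合 VerifyResultCache 与 ttl 使用。注意:在缓存条目未过期期间,Token 被撤销或状态变更可能无法被感知;ttl 是否受 Token 过期时间约束、缓存键是否包含 VerifyOptions(如 ExpectedAudience、ExpectedIssuer),本页均未说明,使用前需确认。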
func NewCachingVerifyStrategy ¶
func NewCachingVerifyStrategy(delegate VerifyStrategy, cache VerifyResultCache, ttl time.Duration) *CachingVerifyStrategy
NewCachingVerifyStrategy 创建缓存策略。
func (*CachingVerifyStrategy) Name ¶
func (s *CachingVerifyStrategy) Name() string
func (*CachingVerifyStrategy) Verify ¶
func (s *CachingVerifyStrategy) Verify(ctx context.Context, token string, opts *VerifyOptions) (*VerifyResult, error)
type FallbackVerifyStrategy ¶
type FallbackVerifyStrategy struct {
// contains filtered or unexported fields
}
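FallbackVerifyStrategy 是降级策略,由 primary 与 fallback 两个策略组成。本页未说明触发降级的条件;使用前应确认仅在 primary 不可用(如网络或服务错误)时才降级,而不是在 primary 已明确判定 Token 无效时改用 fallback 重新判定。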
func NewFallbackVerifyStrategy ¶
func NewFallbackVerifyStrategy(primary, fallback VerifyStrategy) *FallbackVerifyStrategy
NewFallbackVerifyStrategy 创建降级策略。
func (*FallbackVerifyStrategy) Name ¶
func (s *FallbackVerifyStrategy) Name() string
func (*FallbackVerifyStrategy) Verify ¶
func (s *FallbackVerifyStrategy) Verify(ctx context.Context, token string, opts *VerifyOptions) (*VerifyResult, error)
type LocalStrategyOption ¶
type LocalStrategyOption func(*LocalVerifyStrategy)
LocalStrategyOption 本地策略配置选项。
func WithLocalConfig ¶
func WithLocalConfig(cfg *config.TokenVerifyConfig) LocalStrategyOption
WithLocalConfig 设置验证配置。
type LocalVerifyStrategy ¶
type LocalVerifyStrategy struct {
// contains filtered or unexported fields
}
LocalVerifyStrategy 是本地验证策略(使用 JWKS)。本页未说明本地验证能否感知服务端的 Token 撤销状态;对撤销敏感的调用方应结合 RemoteVerifyStrategy 或 VerifyOptions.ForceRemote 加以确认。
func NewLocalVerifyStrategy ¶
func NewLocalVerifyStrategy(jwksManager *authjwks.JWKSManager, opts ...LocalStrategyOption) *LocalVerifyStrategy
NewLocalVerifyStrategy 创建本地验证策略。
func (*LocalVerifyStrategy) Name ¶
func (s *LocalVerifyStrategy) Name() string
func (*LocalVerifyStrategy) Verify ¶
func (s *LocalVerifyStrategy) Verify(ctx context.Context, tokenString string, opts *VerifyOptions) (*VerifyResult, error)
type RemoteVerifyStrategy ¶
type RemoteVerifyStrategy struct {
// contains filtered or unexported fields
}
RemoteVerifyStrategy 远程验证策略(调用 IAM 服务)。
func NewRemoteVerifyStrategy ¶
func NewRemoteVerifyStrategy(authClient VerifyTokenClient, cfg *config.TokenVerifyConfig) *RemoteVerifyStrategy
NewRemoteVerifyStrategy 创建远程验证策略。
func (*RemoteVerifyStrategy) Name ¶
func (s *RemoteVerifyStrategy) Name() string
func (*RemoteVerifyStrategy) Verify ¶
func (s *RemoteVerifyStrategy) Verify(ctx context.Context, tokenString string, opts *VerifyOptions) (*VerifyResult, error)
type StrategySelector ¶
type StrategySelector struct {
// contains filtered or unexported fields
}
StrategySelector 策略选择器,根据条件选择合适的验证策略。
func NewStrategySelector ¶
func NewStrategySelector(cfg *config.TokenVerifyConfig, jwksManager *authjwks.JWKSManager, authClient VerifyTokenClient) *StrategySelector
NewStrategySelector 创建策略选择器。
func (*StrategySelector) FallbackStrategy ¶
func (s *StrategySelector) FallbackStrategy() (*FallbackVerifyStrategy, error)
FallbackStrategy 显式获取降级策略。
func (*StrategySelector) LocalStrategy ¶
func (s *StrategySelector) LocalStrategy() (*LocalVerifyStrategy, error)
LocalStrategy 显式获取本地策略。
func (*StrategySelector) RemoteStrategy ¶
func (s *StrategySelector) RemoteStrategy() (*RemoteVerifyStrategy, error)
RemoteStrategy 显式获取远程策略。
func (*StrategySelector) Select ¶
func (s *StrategySelector) Select() (VerifyStrategy, error)
Select 根据配置选择最佳策略。
type TokenClaims ¶
// TokenClaims holds token claims; it is exposed to callers through
// VerifyResult.Claims.
type TokenClaims struct {
// The fields from TokenID to NotBefore look like the registered JWT claims
// (jti, sub, iss, aud, exp, iat, nbf) plus a session identifier. The mapping
// is inferred from the field names only — confirm against the parsing code.
TokenID string
Subject string
SessionID string
Issuer string
Audience []string
ExpiresAt time.Time
IssuedAt time.Time
NotBefore time.Time
// Identity and authorization attributes.
// NOTE(review): Roles and Scopes are only as trustworthy as the verification
// that produced them; read them only from a VerifyResult returned with a nil
// error and Valid set to true.
UserID string
AccountID string
TenantID string
Roles []string
Scopes []string
// TokenType is a plain string here, while VerifyMetadata.TokenType is an
// authnv1.TokenType; the relation between the two is not visible — confirm.
TokenType string
// AMR is presumably the authentication-methods-references claim (amr) — confirm.
AMR []string
// Extra holds untyped claim values, presumably the claims not mapped to a
// field above. The value types come from the token, so type-assert
// defensively before use.
Extra map[string]interface{}
}
TokenClaims Token 声明。
type TokenVerifier ¶
type TokenVerifier struct {
// contains filtered or unexported fields
}
TokenVerifier Token 验证器(使用策略模式)。
func NewTokenVerifier ¶
func NewTokenVerifier(cfg *config.TokenVerifyConfig, jwksManager *authjwks.JWKSManager, authClient VerifyTokenClient) (*TokenVerifier, error)
NewTokenVerifier 创建 Token 验证器。
func NewTokenVerifierWithStrategy ¶
func NewTokenVerifierWithStrategy(strategy VerifyStrategy, opts ...TokenVerifierOption) *TokenVerifier
NewTokenVerifierWithStrategy 使用自定义策略创建验证器。
func (*TokenVerifier) Strategy ¶
func (v *TokenVerifier) Strategy() VerifyStrategy
Strategy 返回当前使用的策略。
func (*TokenVerifier) Verify ¶
func (v *TokenVerifier) Verify(ctx context.Context, token string, opts *VerifyOptions) (*VerifyResult, error)
Verify 验证 Token。
type TokenVerifierOption ¶
type TokenVerifierOption func(*TokenVerifier)
TokenVerifierOption 验证器配置选项。
func WithVerifyConfig ¶
func WithVerifyConfig(cfg *config.TokenVerifyConfig) TokenVerifierOption
WithVerifyConfig 设置验证配置。
func WithVerifyStrategy ¶
func WithVerifyStrategy(strategy VerifyStrategy) TokenVerifierOption
WithVerifyStrategy 设置验证策略。
type VerifyMetadata ¶
// VerifyMetadata is token verification metadata, exposed to callers through
// VerifyResult.Metadata.
type VerifyMetadata struct {
// TokenType and Status use enum types from the authnv1 package.
// NOTE(review): the enum values are not visible here; callers that care
// about revocation should confirm which Status values can accompany a
// VerifyResult with Valid set to true.
TokenType authnv1.TokenType
Status authnv1.TokenStatus
// IssuedAt and ExpiresAt duplicate field names found on TokenClaims; which
// source is authoritative is not shown here — confirm.
IssuedAt time.Time
ExpiresAt time.Time
}
VerifyMetadata Token 验证元数据。
type VerifyOptions ¶
// VerifyOptions carries the per-call options that every Verify method on this
// page accepts as a *VerifyOptions.
// NOTE(review): the options are passed by pointer; how a nil opts is treated is
// not visible here — confirm before passing nil.
type VerifyOptions struct {
// ForceRemote presumably requests the remote strategy even when local
// verification is available — the handling is not visible here; confirm.
ForceRemote bool
// IncludeMetadata presumably asks for VerifyResult.Metadata to be
// populated — confirm.
IncludeMetadata bool
// ExpectedAudience and ExpectedIssuer look like the values a token's
// audience and issuer are checked against.
// NOTE(review): this listing does not show what happens when they are left
// empty. Confirm that an empty value does not silently skip the
// audience/issuer check, or that config.TokenVerifyConfig supplies a default.
ExpectedAudience []string
ExpectedIssuer string
}
VerifyOptions 验证选项。
type VerifyResult ¶
// VerifyResult is the value the Verify methods return alongside an error.
type VerifyResult struct {
// NOTE(review): whether a nil error can be returned together with
// Valid == false is not visible here; callers should check the error and
// Valid, not just one of them.
Valid bool
// Claims and Metadata are pointers; whether they are always set on a valid
// result is not shown, so nil-check before dereferencing.
Claims *TokenClaims
Metadata *VerifyMetadata
// RawToken is a jwt.Token value from the package's jwt dependency.
// NOTE(review): presumably the parsed token; avoid logging it, since it may
// carry the full credential — confirm what the type retains.
RawToken jwt.Token
}
VerifyResult 验证结果。
type VerifyResultCache ¶
// VerifyResultCache is the cache interface for verification results; it is the
// cache parameter type of NewCachingVerifyStrategy.
type VerifyResultCache interface {
// Get looks up a result by a single string key named token and reports
// whether an entry was found.
// NOTE(review): VerifyOptions is not part of this signature. Unless the
// caller folds ExpectedAudience/ExpectedIssuer into the key, a result stored
// under one set of expectations could be served for a call with different
// ones — confirm in CachingVerifyStrategy.Verify.
Get(token string) (*VerifyResult, bool)
// Set stores result under the token key with the given ttl.
// NOTE(review): if the key is the raw bearer token, the cache retains live
// credentials; keying on a digest of the token avoids that. Also confirm
// that ttl cannot outlive the token's ExpiresAt.
Set(token string, result *VerifyResult, ttl time.Duration)
}
VerifyResultCache 验证结果缓存接口。
type VerifyStrategy ¶
// VerifyStrategy is the token verification strategy interface. The Caching,
// Fallback, Local and Remote strategy types on this page each declare both
// methods.
type VerifyStrategy interface {
// Verify checks token under opts and returns the outcome.
// NOTE(review): the contract for invalid tokens (non-nil error versus
// Valid == false with a nil error) is not documented here; custom
// implementations and callers should agree on one and confirm it.
Verify(ctx context.Context, token string, opts *VerifyOptions) (*VerifyResult, error)
// Name returns a string identifying the strategy; its format is not shown.
Name() string
}
VerifyStrategy 定义 Token 验证策略接口。
type VerifyTokenClient ¶
// VerifyTokenClient is the minimal client capability needed for remote
// verification; it is the authClient parameter type of NewRemoteVerifyStrategy,
// NewStrategySelector and NewTokenVerifier.
type VerifyTokenClient interface {
// VerifyToken sends an authnv1.VerifyTokenRequest and returns the
// authnv1.VerifyTokenResponse.
// NOTE(review): transport security and timeouts are the implementation's
// responsibility; pass a context with a deadline so a slow IAM service
// cannot stall verification — confirm what the callers on this page set.
VerifyToken(context.Context, *authnv1.VerifyTokenRequest) (*authnv1.VerifyTokenResponse, error)
}
VerifyTokenClient 定义远程验证所需的最小客户端能力。